GamingOnLinux

The Arch Linux AUR had over 400 packages compromised with malware

Looks like the Arch Linux AUR (Arch User Repository) needs some better security and package checks - as some malicious users ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Security

Survey: Widespread AI Use in the Workplace Creating New Security Risks

A new national survey by Anagram, a human-driven security training platform, reveals widespread use of generative AI tools in the workplace and growing behaviors that could put organizations at ...
GitHub

Arduino library for reading ISO15693 RFID tags using the PN5180 NFC Module from NXP Semiconductors

This library was created to read the UID of tags presented to a PN5180 RFID reader, such as below: The PN5180 implements the ISO15693 "vicinity" protocol, which typically enables tags to be read at a ...

Worrying open-source security issue 'BadHost' could affect millions of AI agents, experts warn

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.
IEEE

A Novel Cipher for Enhancing MAVLink Security: Design, Security Analysis, and Performance Evaluation Using a Drone Testbed

Abstract: Unmanned Aerial Vehicles (UAVs) are being widely deployed for diverse applications, including surveillance, agriculture, logistics, disaster response, etc. Secure communication between a UAV ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Reuters

US airlines oppose Trump plan to require small airports to use private security

WASHINGTON, May 19 (Reuters) - A group representing major U.S. airlines opposes a White House proposal to require smaller airports to use private security screeners instead of the Transportation ...
The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. "NGINX Plus and NGINX ...
Microsoft

When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps

AI and agentic application deployments on cloud-native platforms are increasing, and they often prioritize speed over secure configuration. Our observations from aggregated and anonymized Microsoft ...